HAVOC

Halting Attacks Via Obstructing Configurations

HAVOC is a software application that uses small system configuration changes to cause malware to fail at runtime.

HAVOC alters the configuration of a defender’s system in a way that specifically targets the heterogeneity relied on by autonomous malware.

By making these targeted benign changes, HAVOC adds failure-causing unknowns for autonomous malware, and eliminates the traditional information asymmetry advantage of the attacker. This is a cyber-domain implementation of the Counter Intel & Special Ops theory known as the Moving Target Defense.